package com.cjh.expression;

import com.cjh.entity.LoginUser;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

/**
 * 自定义接口访问权限校验方法
 */
@Component("mySecurityExpressionRoot")
public class MySecurityExpressionRoot {

    public boolean hasAuthority(String authority) {

        //获取当前用户的权限
        LoginUser loginUser = (LoginUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        return permissions.contains(authority);
    }
}
